So, here's the problem. Most of the time, DNS client leases should last for an entire day (24 hours) and must update by UDP (right? correct me if I'm wrong), or otherwise the WAN connection gets cut. IE: loses connections to your favorite IM client, the Internet, or anything similar. The problem here is the DNS leases go only through for an hour, and then the connection goes kaput. I've tried Static IP addressing, router reset/reboot, but nothing else came up. And it seems that ONLY the wireless clients get these problems, except for a computer running Windows XP, connected through LAN. The router used here is a Linksys wrt300n router, running DD-WRT (after bricking it due to a failed ROM flash with the last official Linksys firmware issued for v1 models).

The nutshell: An XP client gets a DNS client lease lasting for 24 hours. Checked everything, seems to be running fine. The Vista clients get only a 60 minute lease from the router. Ugh.

Any insights here? If anyone here wants to see my DD-WRT settings, I'll post them as soon as somebody replies here. K? :P

FWIW the lease is for the entire IP configuration, not just the DNS server.

The router assigns the lease time, so unless there is something special (and unusual to me) in your firmware it's really unexpected for ethernet and wireless connections, or different operating systems, to get different times.

192.168.2.1 is not the default LAN IP for (most) Linksys routers. Is it the default for the DD-WRT? Or you assigned it? Are you sure the wireless PC you showed is connecting to the Linksys router?

Quote:

... after bricking it due to a failed ROM flash ...

"Bricking" usually means making it inoperative. But you managed to get it working again?

So the firewall will show the modem or router and you got to give it the right.

It's a Linksys WRT300N running on the latest (WIP, #12672) build of DD-WRT. Don't know what you meant by "...firewall will show the modem or router", but I'm quite sure it has both router + firewall functions, since it includes SPI firewall and some advanced routing features the stock Linksys wrt300n v1 firmware didn't offer, including the last 1.03.6 release.

Quote:

Originally Posted by TerryNet

FWIW the lease is for the entire IP configuration, not just the DNS server.

The router assigns the lease time, so unless there is something special (and unusual to me) in your firmware it's really unexpected for ethernet and wireless connections, or different operating systems, to get different times.

192.168.2.1 is not the default LAN IP for (most) Linksys routers. Is it the default for the DD-WRT? Or you assigned it? Are you sure the wireless PC you showed is connecting to the Linksys router?

It's been set to 192.168.2.1 for the past 2 1/2 years until last April 2009 when it stopped connecting to the 'net with the old 0.93.9 firmware. Tried to update it to 1.03.6. So this is the part where things went downhill. I accidentally flashed it with another firmware that was actually coded for the v1.1 wrt300n's, hence the brick. Got it back running with a jtag fix, done by a friend (don't have access to a soldering tool right now).

I can set it to 192.168.0.1, but setting it to the original 192.168.1.1 address (default for the stock Linksys firmware) will not connect to the WAN, even with DHCP disabled and Static IP enforced. Odd enough? Absolutely.

There's even more. Shutting off the XP client (wired to router) somewhat fixed the DNS client lease time, but turning it back on again will cause the router to give out the 60-minute leases to the wireless clients.

Your computer - modem or router or combo need to have rights so you need them to be in the trust zone.
That way it can renew your IP address. If it can't renew it gives you a limited one that keeps running out of time.

Also if you ever take the router away or add a router you have to renew your IP address.

Quote: setting it to the original 192.168.1.1 address (default for the stock Linksys firmware) will not connect to the WAN
That could be because your modem is actually a modem/router combo, which also uses the 192.168.1.x subnet.

Other than that, I have no ideas to add to this.

I know that the WRT300n is a combination modem + router. Already done that with another WRT-series router on a friend (PPPoE mode). Tried setting my modem to Bridged mode and let the WRT300N router do the PPPoE transaction, but still no good results. However, there's something more.

Quote:

Originally Posted by hewee

Firewall sees what is hooked up to the computer.
Like firewall will see...
Computer-modem
Computer-router
Computer-router/modem combo

Your computer - modem or router or combo need to have rights so you need them to be in the trust zone.
That way it can renew your IP address. If it can't renew it gives you a limited one that keeps running out of time.

Also if you ever take the router away or add a router you have to renew your IP address.

Some people at the DD-WRT.com forums told me that firewalls like ZoneAlarm are a bit unfriendly with DD-WRT firmware (emphasis mine). I don't know the exact details, but usually I set the router and modem IPs to whitelist them (back then, when I still had them).

It's been a long time that I've used the last commercially-available software firewall. I used to have Comodo and ZoneAlarm Firewall(s) installed, but after being fed up dealing with the authorization dialog boxes that appear when I connect to a network or install something, I simply removed it. Seems also to have sped up my Internet connection too, at the expense of NOT having a firewall (or even anti-virii/anti-spyware application).

However, things look good for now. Here's the point: Disabling the NetBIOS connection (and its service through the services.msc box), rewriting the Winsock settings with netsh int ip reset resetlog.txt and adding this command (see quote below) apparently solved the short DHCP lease. I'll give out the ipconfig /allcompartments /all results first.

The skinny: Lease is expiring, causing the connection to drop momentarily until the lease is renewed. It's supposed to be renewed by a UDP request from the client when reaching 50% of the lease time but responses from server are being blocked by the SPI firewall. They are being blocked because the response comes from a different address (wherein I used the DNS Advantage's servers instead of my ISP's) than the request was sent to (hence a loss of connection state and failure to pass the firewall). I can disable the SPI firewall, but that defeats the purpose of having a router with firewalling capabilities in the first place, right? If so, better use a hub.

The solution is to add a rule on the DD-WRT console that will allow the reply from the DHCP servers listed on the quote. :P

Last edited by metalmadness; 01-Sep-2009 at 03:00 AM..
Reason: It's 4:00 in the morning. Sleeeepy...
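
An added illustration of the mechanism described in the post above (not code from the thread or from DD-WRT): a toy stateful UDP filter that drops a reply arriving from an address other than the one the request was sent to, plus the standard DHCP renewal timers for a 60-minute and a 24-hour lease. 192.168.2.1 is the router address from the thread; the other addresses and the allow-rule format are constructed for the example.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

def renewal_timers(lease_seconds):
    """RFC 2131 defaults: T1 (renew) at 50% of the lease, T2 (rebind) at 87.5%."""
    return lease_seconds // 2, lease_seconds * 7 // 8

@dataclass
class StatefulUdpFilter:
    """Toy SPI model: a reply passes only if it mirrors a tracked outbound flow
    or matches an explicit allow rule (hypothetical rule format, not DD-WRT syntax)."""
    allow_rules: list = field(default_factory=list)  # (src, sport, dport) tuples
    flows: set = field(default_factory=set)

    def outbound(self, p):
        # Remember the exact tuple a legitimate reply must carry.
        self.flows.add((p.dst, p.dport, p.src, p.sport))

    def inbound(self, p):
        if (p.src, p.sport, p.dst, p.dport) in self.flows:
            return "ACCEPT established"
        if (p.src, p.sport, p.dport) in self.allow_rules:
            return "ACCEPT rule"
        return "DROP"

def demo():
    client, asked, other = "192.168.2.100", "192.168.2.1", "198.51.100.53"  # constructed
    fw = StatefulUdpFilter()
    fw.outbound(Packet(client, 68, asked, 67))          # renewal request at T1
    same = fw.inbound(Packet(asked, 67, client, 68))    # reply from the address asked
    diff = fw.inbound(Packet(other, 67, client, 68))    # reply from another address
    fw.allow_rules.append((other, 67, 68))              # narrow allow for that server
    fixed = fw.inbound(Packet(other, 67, client, 68))
    return same, diff, fixed

if __name__ == "__main__":
    print(renewal_timers(3600), renewal_timers(86400))
    print(demo())
```

With a 60-minute lease the renewal exchange happens every 30 minutes, so a dropped reply shows up far sooner than with a 24-hour lease; the allow rule is scoped to one source address and the DHCP port pair rather than disabling state tracking.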

OK it sounds like you have another DNS program and your firewall is blocking the renewing.
So it is still your firewall doing the blocking and some part of that program does not have the rights so see if you can find it.

With Firewalls if you delete that program then it will ask again.
But there may be components that were not deleted that were never given rights and it will not change them unless you delete the program from the firewall and lower the firewall setting to a learn mode and then that should find and change the other setting that is now keeping you from getting the modem renewed.

Again, there's NO firewall installed on the client and its associated plugins on my computer. Only the router does the firewalling job. According to Wikipedia (copypasted, emphasis not mine), SPI is defined as "a stateful firewall (any firewall that performs stateful packet inspection (SPI) or stateful inspection) is a firewall that keeps track of the state of network connections (such as TCP streams, UDP communication) traveling across it. The firewall is programmed to distinguish legitimate packets for different types of connections. Only packets matching a known connection state will be allowed by the firewall; others will be rejected."

Quote:

Originally Posted by srhoades

Why not just use those DNS servers in the DHCP scope that way your clients will get a DNS address of the router and the router uses your preferred DNS servers?

Apparently, it does not work as easily on DD-WRT. Using the address of the router won't get them, because DNSMasq handles it a tad different. It's possible to do it on the stock Linksys firmware, though.
